FIG. 1 illustrates a typical implementation of a self-service terminal (SST) 10 designed to meet the Europay MasterCard Visa (EMV) specification. The EMV specification is an agreed specification between Europay, MasterCard, and Visa for the acceptance of smart chip cards and the handling of PIN data for credit and debit schemes. The objectives of the EMV specification are to reduce fraud, allow off-line secure transactions, allow issuers of the smart chip cards to change card parameters after issuance, and allow multi-application cards.
The SST 10 includes a controller 12, a Personal Identification Number (PIN) pad 14, and a hybrid card reader 16 including one or more secure access modules (SAMs). The hybrid card reader 16 is a combination magnetic stripe card reader and a smart card reader. A smart card is a type of credit or debit card that contains a microchip having a significant amount of memory for storing various card parameters, which may include a user's PIN. Each of the SAMs included in the card reader 16 contain proprietary information and operate to provide off-line PIN validation for a particular application.
In operation, a customer's smart card is read by the card reader 16, and the customer enter his PIN into the PINpad 14. The PINpad 14 encrypts the PIN and communicates the encrypted PIN to the controller 12. The controller 12 passes the encrypted PIN to the card reader 16. For off-line validation, the card reader 16 decrypts the PIN using a local key compatible the key used by the PINpad 14 to encrypt the PIN, and the card reader 16 communicates the PIN to the SAMs for validation. Off-line validation allows verification of the customer's PIN on-site without communicating with a remote system. For on-line validation, the controller 12 decrypts the PIN using a local key compatible the key used by the PINpad 14 to encrypt the PIN, and after decrypting the PIN, the card reader 16 encrypts the PIN using a stored bank key and communicates the PIN encrypted using the bank key to a host computer via the POS 18 for PIN validation.
The SAMs are incorporated into the card reader 16, and the card reader 16 must include a different SAM for each application that the SST 10 is required to support. Accordingly, if an operator installs more than one SST 10 in a retail environment, the operator must purchase a set of SAMs for each card reader 16. Further, the SST 10 is an expensive tamper-resistant unit. When one of the controller 12, PINpad 16, or card reader 16 is faulty, alternative embodiments may require the replacement of the entire SST 10. Since the SST 10 is expensive, it is not desirable to replace the entire SST 10 when only one component is faulty.
Thus, there remains a need for a retail environment that eliminates the need for a complete set of SAMs for each card reader. There also remains a need for a self-service terminal that eliminates the need to replace the entire terminal when a single component is faulty.